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CLAIMS 



1. A programming interface embodied on one or more computer 
readable media, comprising: 

a first group of functions related to communicating a new security policy to 
a plurality of security engines, wherein each of the plurality of security engines is 
configured to replace an existing security policy with the new security policy; and 

a second group of functions related to communicating an indication of each 
security engine's readiness to implement the new security policy. 

2. A programming interface as recited in claim 1 wherein the first group 
of functions includes a method that instructs each of the plurality of security 
engines to delete the new security policy. 

3. A programming interface as recited in claim 1 wherein the first group 
of functions includes a method that initializes a particular security engine. 

4. A programming interface as recited in claim 1 wherein the first group 
of functions includes a method that instructs each of the plurality of security 
engines to implement the new security policy. 

5. A programming interface as recited in claim 1 wherein the first group 
of functions further comprises a method that communicates new data associated 
with an existing security policy to at least one of the plurality of security engines. 
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6. A programming interface as recited in claim 1 wherein the first group 
of functions further comprises a method that communicates configuration 
information to at least one of the plurality of security engines. 

7. A programming interface as recited in claim 1 wherein the second 
group of functions includes a method that indicates whether a particular security 
engine has implemented the new security policy. 

8. A programming interface as recited in claim 1 wherein the second 
group of functions further comprises a method that retrieves updated data 
associated with a particular security policy. 

9. A programming interface as recited in claim 1 wherein the second 
group of functions further comprises a method that communicates new data 
identified by one of the plurality of security engines to a security agent. 

10. A programming interface as recited in claim 1 wherein the second 
group of functions further comprises a method that allows one of the plurality of 
security engines to query a user of a system containing the plurality of security 
engines. 

11. A programming interface as recited in claim 1 wherein at least one 
of the plurality of security engines implements an antivirus service. 
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12. A programming interface as recited in claim 1 wherein at least one 
of the plurality of security engines implements a firewall application. 

13. A programming interface as recited in claim 1 wherein the plurality 
of security engines implement the new security policy after all security engines 
have indicated a readiness to implement the new security policy. 

14. A computer system including one or more microprocessors and one 
or more software programs, the one or more software programs utilizing an 
application program interface to implement a security policy on a plurality of 
security engines, the application program interface comprising the following 
functions: 

a first function that communicates a new security policy to the plurality of 
security engines; 

a second function that identifies whether each of the plurality of security 
engines is prepared to apply the new security policy; and 

a third function that instructs each of the plurality of security engines to 
implement the new security policy after determining that all of the security 
engines are prepared to apply the new security policy. 

15. A computer system as recited in claim 14 further comprising a 
fourth function that causes each of the plurality of security engines to delete the 
new security policy if at least one of the plurality of security engines is unable to 
apply the new security policy. 



Iee©hayes pile 509«324«9256 



77 



Attorney Docket No. MS1-1878US 



2 
3 
4 
5 
6 
7 
8 
9 

10 
11 

12 
13 
14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 



16. A computer system as recited in claim 14 further comprising a 
fourth function related to communicating event information identified by a first 
security engine to the other security engines. 

17. A computer system as recited in claim 14 further comprising a 
fourth function related to communicating security-related information identified 
by a first security engine to an event manager. 

18. A computer system as recited in claim 17 wherein the event 
manager communicates the security-related information to at least one of the 
plurality of security engines. 

19. A computer system as recited in claim 14 wherein at least one of the 
plurality of security engines is associated with a first type of security attack. 

20. A computer system as recited in claim 19 wherein at least one of the 
plurality of security engines is associated with a second type of security attack. 

21. A method comprising: 

calling one or more first functions to facilitate communicating a security 
policy to a first security engine; 

calling one or more second functions to facilitate determining whether the 
first security engine has applied the security policy; and 

calling one or more third functions to facilitate communicating security- 
related information from the first security engine to a second security engine. 
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22. A method as recited in claim 21 wherein the security-related 
information identifies a type of security attack. 

23. A method as recited in claim 21 further comprising calling one or 
more fourth functions to facilitate interacting with a user of a system containing 
the first security engine. 

24. A method as recited in claim 21 further comprising calling one or 
more fourth functions to facilitate communicating configuration information to the 
first security engine. 

25. A method as recited in claim 21 further comprising calling one or 
more fourth functions to facilitate instructing the first security engine and the 
second security engine to implement the security policy. 

26. A method as recited in claim 21 further comprising calling one or 
more fourth functions to facilitate communicating a revised security policy to the 
first security engine. 

27. A system comprising: 

means for exposing a first function that communicates a security-related 
event to an event manager; 

means for exposing a second function that identifies a plurality of security 
engines associated with the security-related event; and 
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means for exposing a third function that communicates the security-related 
event to the identified security engines. 

28. A system as recited in claim 27 further comprising: 

means for exposing a fourth function that communicates a new security 
policy to the plurality of security engines; and 

means for exposing a fifth function that instructs the plurality of security 
engines to replace an existing security policy with the new security policy. 

29. A system as recited in claim 28 further comprising means for 
exposing a sixth function that instructs the plurality to security engines to delete 
the new security policy if at least one of the plurality of security engines cannot 
implement the new security policy. 

30. A system as recited in claim 27 wherein the security-related event is 
detection of a virus. 

31. A system as recited in claim 27 wherein the security-related event is 
an unauthorized attempt to access a storage device. 

32. A system as recited in claim 27 further comprising means for 
exposing a fourth function that notifies the event manager that a particular security 
engine has finished processing another function call. 



iee@hayes pile 509'324-9256 



80 



Attorney Docket No. MSI-1878US 



